SOC L3 Analyst

Job Title: Regional SOC Analyst

Grade/Location Preference: G3

Job Position: Regional SOC Analyst

Role Summary: 

The APAC Regional SOC Analyst at NXP will be tasked with assisting in our day-to-day defensive information security operations, ensuring the security of IT, Operational Technology (OT), and R&D environments within our CIO Regional Command Center. This role is responsible for maintaining threat detection, incident response, and exposure management.  

As an APAC Regional SOC Analyst, you will develop and implement security strategies to protect against evolving cyber threats across diverse environments. You will collaborate with security architects, red teams, product teams, and engineering groups to strengthen our organization’s overall security posture. This role is pivotal leader for our regional security operations center team members, to ensure the continuity of information security operations.

The ideal candidate will be passionate about information security operations center, incident response, and leading a diverse team of global operators. The ideal candidate also has a foundational knowledge and experience in working in an Operational Technology (OT) manufacturing environments.

Your opportunity:
NXP is a global player in Semiconductor industry, and security is an essential and integral part of our business. Security Operations & Threat Defense

Job Responsibility:  

Operational Mentality and Vision:

• Collaborate with a regional team of cybersecurity professionals focused on threat detection, monitoring, and incident response for IT, OT, and R&D environments.
• Propose and enhance Security Operations Center (SOC) processes, including playbooks, automation, and alert triage.

Incident Response

• Provide SOC Tier 3 Incident response capabilities and coordinate regional cyber incident response efforts, ensuring timely containment, eradication, and recovery.

OT & R&D Security Strategy:

• Limited experience in security controls and frameworks tailored for ICS/SCADA, industrial IoT (IIoT), and embedded systems in OT environments.
• Ability to work closely with regional engineering and R&D teams to integrate security into product development lifecycles.
• Ensure compliance with industry regulations and frameworks such as NIST CSF, IEC 62443, and MITRE ATT&CK for ICS.

Vulnerability Management & Hardening

• Oversee regional vulnerability assessments and risk management programs across IT, OT, and R&D.
• Guide patch management and compensating controls for systems where direct patching is not feasible.
• Work with asset owners to implement segmentation, access controls, and Zero Trust strategies.

Risk Management and Ethical Considerations

• Work closely with regional security and risk peers to foresee and mitigate risks, ensuring ethical operations and compliance with upcoming regulations.

Job Qualification: 

Required Qualifications & Experience:

• 10+ years of experience in cybersecurity with a focus on blue teaming, security operations, and cyber defense.
• 2+ years working with the Crowdstrike Falcon Platform
• Required at least two (2) of the Certifications from the “Desired Certifications” list.
• Foundational expertise in both IT and OT security, with knowledge of ICS, SCADA, and industrial cyber threats.
• Experience securing R&D environments, including embedded systems, proprietary technologies, and intellectual property.
• Hands-on experience with SIEM, EDR, NDR, threat intelligence platforms, and security automation.
• Knowledge of MITRE ATT&CK (Enterprise & ICS), NIST 800-82, IEC 62443, and Zero Trust principles.
• Experience leading a team of cybersecurity professionals and developing operational security teams.
• Fundamental understanding of cloud security (AWS, Azure, GCP) and hybrid security architectures.

Desired Certifications

• GIAC Associate Certified Incident Handler
• GIAC Associate Security Operations Certified
• GIAC Security Essentials (GSEC)
• Associate Certified Cloud Security Professional  (CCSP)
• Certified Information Systems Security Professional (CISSP)
• COMPTIA Security +
• COMPTIA CYSA+
• AWS Certified Security
• Microsoft SC - 200

More information about NXP in India...